Exam AZ-305 topic 1 question 4 discussion

Here's why: - An access review is an Azure AD feature that enables administrators to review group memberships and application assignments, and allows group members to confirm whether they still require access. This enables every member to report whether they need to be in Group1, and if they do not, the access review can be configured to remove them automatically. - An access review can be set up to repeat automatically every three months, as required by the scenario. - Changing the Membership type of Group1 to Dynamic User is not a suitable solution for evaluating the membership of a security group with assigned membership. Dynamic user groups are based on rules and criteria, and do not include manually assigned members. - Implementing Azure AD Identity Protection is not relevant to evaluating the membership of a security group. - Implementing Azure AD Privileged Identity Management (PIM) is used for managing access to privileged roles in Azure AD, and is not relevant to the scenario.

C is correct

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-deployment-plan Provide just-in-time privileged access to resources Assign eligibility for membership or ownership of privileged access groups Assign time-bound access to resources using start and end dates Require approval to activate privileged roles Enforce multifactor authentication to activate any role Use justification to understand why users activate Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit

Correct Answer - C: Access Review An access review in an Azure AD feature that allows an admin to evaluate and verify user access to certain roles and resources. Based on the question's requirements, with an Access Review, we can configure periodic evaluations, implement access notifications for end-users, and auto-revoke access. https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

access reviews are used for this question to check if the access is still required

Correct answer - C

C. Create an access review.

C is correct

What is the correct answer B or C? what is the difference between these two options pls?

c is right answer

C is the answer. https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview Access reviews in Azure Active Directory (Azure AD), part of Microsoft Entra, enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments. User's access can be reviewed regularly to make sure only the right people have continued access

C. Create an access review.

C looks right

Answer: C Creating an access review will do the job Not option D. Self review is not possible in Privileged Identity Management.

https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview -ANSSWER - C

C - no doubts

C - Best answer by far.